40c91bff72c07eaba6a75853f9eda7d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40c91bff72c07eaba6a75853f9eda7d1_JaffaCakes118
Size

183KB
MD5

40c91bff72c07eaba6a75853f9eda7d1
SHA1

8c7d40fc242ef787c6cb4e84e616912144531a5c
SHA256

d0753c481a594bfa578526e2aa5cfb0e0c83aa3d64119b23ce4848214b17754b
SHA512

d68d35ad86fa71e57f2005de4a934da4985be2fbb91ea35b7162a162d2a24d365bd95f2ca0e9244e9035494be347a2f5f970f27049fb294fbb15a8b6702f19c2
SSDEEP

3072:X9VOzoC/pYRk+iR69BsdzGjsvtcdga0FzoAXo3wyf:X9VdC/aWV69Bs9GKPXs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40c91bff72c07eaba6a75853f9eda7d1_JaffaCakes118

Files

40c91bff72c07eaba6a75853f9eda7d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef91a7ec4280d1cdd423acac9faa1bfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalFree
GlobalAlloc
LocalReAlloc
TlsGetValue
GetVersion
GetCurrentThreadId
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
TlsSetValue
GlobalGetAtomNameA
lstrcmpiA
FreeLibrary
LoadLibraryA
GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentProcess
SetFilePointer
FlushFileBuffers
GetOverlappedResult
SetLastError
lstrcpynA
RtlUnwind
ExitProcess
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
HeapSize
HeapReAlloc
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CloseHandle
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
Sleep
CreateEventA
WaitForSingleObject
GetLastError
WriteFile
ReadFile
GetVersionExA
GetModuleFileNameA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
ReleaseMutex
CreateMutexA
lstrcatA
SetUnhandledExceptionFilter

user32

RegisterWindowMessageA
GetWindow
SystemParametersInfoA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
GetDlgCtrlID
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
GetWindowRect
IsIconic
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
SendMessageA
EnableWindow
LoadStringA
GetWindowPlacement
BeginPaint
EndPaint
SetWindowLongA
TranslateMessage
DispatchMessageA
CreateDialogParamA
GetMessageA
GetWindowLongA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
FindWindowA
DefWindowProcA
KillTimer
MessageBoxA
SetWindowTextA
SetWindowPos
SetTimer
MsgWaitForMultipleObjects
LoadImageA
DestroyWindow
GetDlgItem
GetWindowTextA
PostQuitMessage
ShowWindow
UpdateWindow

gdi32

PtVisible
ExtTextOutA
RectVisible
TextOutA
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
Escape
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
SaveDC
RestoreDC
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx

advapi32

ControlService
DeleteService
RegisterServiceCtrlHandlerA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
CloseServiceHandle
SetServiceStatus
CreateServiceA
StartServiceA
OpenSCManagerA
OpenServiceA
StartServiceCtrlDispatcherA

shell32

ShellExecuteA

wsock32

gethostbyname
WSAGetLastError
WSACleanup
connect
WSAStartup
getservbyname
socket
htons

comctl32

ord17

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 724KB - Virtual size: 721KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef91a7ec4280d1cdd423acac9faa1bfd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wsock32

comctl32

winspool.drv

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 16KB - Virtual size: 28KB

.rsrc Size: 724KB - Virtual size: 721KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 28KB

.rsrc
Size: 724KB - Virtual size: 721KB